/ Check-in [14bc58ca]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Cherrypick changes [53f5cfe115] and [1f7ef0af8d] in order to fix an issue with DISTINCT
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | branch-3.7.2
Files: files | file ages | folders
SHA1:14bc58ca70336aed62069f223324304835991c55
User & Date: drh 2011-10-25 20:36:39
Context
2011-10-25
21:18
Cherrypick the [3513bf6ee090d9] so that the sqlite_source_id() function works correctly even with newer versions of Fossil check-in: 89d63a0e user: drh tags: branch-3.7.2
20:36
Cherrypick changes [53f5cfe115] and [1f7ef0af8d] in order to fix an issue with DISTINCT check-in: 14bc58ca user: drh tags: branch-3.7.2
2011-08-26
17:17
Cherrypick the recursion fix to test_vfs.c from [065e5a5ea4f82]. Also fix the nan.test module to handle upper/lower case changes in TCL. check-in: 41b5f869 user: drh tags: branch-3.7.2
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/expr.c.

  2231   2231       int r = p->iReg;
  2232   2232       if( r>=iFrom && r<=iTo ) return 1;    /*NO_TEST*/
  2233   2233     }
  2234   2234     return 0;
  2235   2235   }
  2236   2236   #endif /* SQLITE_DEBUG || SQLITE_COVERAGE_TEST */
  2237   2237   
  2238         -/*
  2239         -** If the last instruction coded is an ephemeral copy of any of
  2240         -** the registers in the nReg registers beginning with iReg, then
  2241         -** convert the last instruction from OP_SCopy to OP_Copy.
  2242         -*/
  2243         -void sqlite3ExprHardCopy(Parse *pParse, int iReg, int nReg){
  2244         -  VdbeOp *pOp;
  2245         -  Vdbe *v;
  2246         -
  2247         -  assert( pParse->db->mallocFailed==0 );
  2248         -  v = pParse->pVdbe;
  2249         -  assert( v!=0 );
  2250         -  pOp = sqlite3VdbeGetOp(v, -1);
  2251         -  assert( pOp!=0 );
  2252         -  if( pOp->opcode==OP_SCopy && pOp->p1>=iReg && pOp->p1<iReg+nReg ){
  2253         -    pOp->opcode = OP_Copy;
  2254         -  }
  2255         -}
  2256         -
  2257         -/*
  2258         -** Generate code to store the value of the iAlias-th alias in register
  2259         -** target.  The first time this is called, pExpr is evaluated to compute
  2260         -** the value of the alias.  The value is stored in an auxiliary register
  2261         -** and the number of that register is returned.  On subsequent calls,
  2262         -** the register number is returned without generating any code.
  2263         -**
  2264         -** Note that in order for this to work, code must be generated in the
  2265         -** same order that it is executed.
  2266         -**
  2267         -** Aliases are numbered starting with 1.  So iAlias is in the range
  2268         -** of 1 to pParse->nAlias inclusive.  
  2269         -**
  2270         -** pParse->aAlias[iAlias-1] records the register number where the value
  2271         -** of the iAlias-th alias is stored.  If zero, that means that the
  2272         -** alias has not yet been computed.
  2273         -*/
  2274         -static int codeAlias(Parse *pParse, int iAlias, Expr *pExpr, int target){
  2275         -#if 0
  2276         -  sqlite3 *db = pParse->db;
  2277         -  int iReg;
  2278         -  if( pParse->nAliasAlloc<pParse->nAlias ){
  2279         -    pParse->aAlias = sqlite3DbReallocOrFree(db, pParse->aAlias,
  2280         -                                 sizeof(pParse->aAlias[0])*pParse->nAlias );
  2281         -    testcase( db->mallocFailed && pParse->nAliasAlloc>0 );
  2282         -    if( db->mallocFailed ) return 0;
  2283         -    memset(&pParse->aAlias[pParse->nAliasAlloc], 0,
  2284         -           (pParse->nAlias-pParse->nAliasAlloc)*sizeof(pParse->aAlias[0]));
  2285         -    pParse->nAliasAlloc = pParse->nAlias;
  2286         -  }
  2287         -  assert( iAlias>0 && iAlias<=pParse->nAlias );
  2288         -  iReg = pParse->aAlias[iAlias-1];
  2289         -  if( iReg==0 ){
  2290         -    if( pParse->iCacheLevel>0 ){
  2291         -      iReg = sqlite3ExprCodeTarget(pParse, pExpr, target);
  2292         -    }else{
  2293         -      iReg = ++pParse->nMem;
  2294         -      sqlite3ExprCode(pParse, pExpr, iReg);
  2295         -      pParse->aAlias[iAlias-1] = iReg;
  2296         -    }
  2297         -  }
  2298         -  return iReg;
  2299         -#else
  2300         -  UNUSED_PARAMETER(iAlias);
  2301         -  return sqlite3ExprCodeTarget(pParse, pExpr, target);
  2302         -#endif
  2303         -}
  2304         -
  2305   2238   /*
  2306   2239   ** Generate code into the current Vdbe to evaluate the given
  2307   2240   ** expression.  Attempt to store the results in register "target".
  2308   2241   ** Return the register where results are stored.
  2309   2242   **
  2310   2243   ** With this routine, there is no guarantee that results will
  2311   2244   ** be stored in target.  The result might be stored in some other
................................................................................
  2406   2339         break;
  2407   2340       }
  2408   2341       case TK_REGISTER: {
  2409   2342         inReg = pExpr->iTable;
  2410   2343         break;
  2411   2344       }
  2412   2345       case TK_AS: {
  2413         -      inReg = codeAlias(pParse, pExpr->iTable, pExpr->pLeft, target);
         2346  +      inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
  2414   2347         break;
  2415   2348       }
  2416   2349   #ifndef SQLITE_OMIT_CAST
  2417   2350       case TK_CAST: {
  2418   2351         /* Expressions of the form:   CAST(pLeft AS token) */
  2419   2352         int aff, to_op;
  2420   2353         inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
................................................................................
  2838   2771           testcase( pX->op==TK_REGISTER );
  2839   2772           cacheX.iTable = sqlite3ExprCodeTemp(pParse, pX, &regFree1);
  2840   2773           testcase( regFree1==0 );
  2841   2774           cacheX.op = TK_REGISTER;
  2842   2775           opCompare.op = TK_EQ;
  2843   2776           opCompare.pLeft = &cacheX;
  2844   2777           pTest = &opCompare;
         2778  +        /* Ticket b351d95f9cd5ef17e9d9dbae18f5ca8611190001:
         2779  +        ** The value in regFree1 might get SCopy-ed into the file result.
         2780  +        ** So make sure that the regFree1 register is not reused for other
         2781  +        ** purposes and possibly overwritten.  */
         2782  +        regFree1 = 0;
  2845   2783         }
  2846   2784         for(i=0; i<nExpr; i=i+2){
  2847   2785           sqlite3ExprCachePush(pParse);
  2848   2786           if( pX ){
  2849   2787             assert( pTest!=0 );
  2850   2788             opCompare.pRight = aListelem[i].pExpr;
  2851   2789           }else{
................................................................................
  2931   2869   ** results in register target.  The results are guaranteed to appear
  2932   2870   ** in register target.
  2933   2871   */
  2934   2872   int sqlite3ExprCode(Parse *pParse, Expr *pExpr, int target){
  2935   2873     int inReg;
  2936   2874   
  2937   2875     assert( target>0 && target<=pParse->nMem );
  2938         -  inReg = sqlite3ExprCodeTarget(pParse, pExpr, target);
  2939         -  assert( pParse->pVdbe || pParse->db->mallocFailed );
  2940         -  if( inReg!=target && pParse->pVdbe ){
  2941         -    sqlite3VdbeAddOp2(pParse->pVdbe, OP_SCopy, inReg, target);
         2876  +  if( pExpr && pExpr->op==TK_REGISTER ){
         2877  +    sqlite3VdbeAddOp2(pParse->pVdbe, OP_Copy, pExpr->iTable, target);
         2878  +  }else{
         2879  +    inReg = sqlite3ExprCodeTarget(pParse, pExpr, target);
         2880  +    assert( pParse->pVdbe || pParse->db->mallocFailed );
         2881  +    if( inReg!=target && pParse->pVdbe ){
         2882  +      sqlite3VdbeAddOp2(pParse->pVdbe, OP_SCopy, inReg, target);
         2883  +    }
  2942   2884     }
  2943   2885     return target;
  2944   2886   }
  2945   2887   
  2946   2888   /*
  2947   2889   ** Generate code that evalutes the given expression and puts the result
  2948   2890   ** in register target.
................................................................................
  3107   3049     int target,        /* Where to write results */
  3108   3050     int doHardCopy     /* Make a hard copy of every element */
  3109   3051   ){
  3110   3052     struct ExprList_item *pItem;
  3111   3053     int i, n;
  3112   3054     assert( pList!=0 );
  3113   3055     assert( target>0 );
         3056  +  assert( pParse->pVdbe!=0 );  /* Never gets this far otherwise */
  3114   3057     n = pList->nExpr;
  3115   3058     for(pItem=pList->a, i=0; i<n; i++, pItem++){
  3116         -    if( pItem->iAlias ){
  3117         -      int iReg = codeAlias(pParse, pItem->iAlias, pItem->pExpr, target+i);
  3118         -      Vdbe *v = sqlite3GetVdbe(pParse);
  3119         -      if( iReg!=target+i ){
  3120         -        sqlite3VdbeAddOp2(v, OP_SCopy, iReg, target+i);
  3121         -      }
  3122         -    }else{
  3123         -      sqlite3ExprCode(pParse, pItem->pExpr, target+i);
  3124         -    }
  3125         -    if( doHardCopy && !pParse->db->mallocFailed ){
  3126         -      sqlite3ExprHardCopy(pParse, target, n);
         3059  +    Expr *pExpr = pItem->pExpr;
         3060  +    int inReg = sqlite3ExprCodeTarget(pParse, pExpr, target+i);
         3061  +    if( inReg!=target+i ){
         3062  +      sqlite3VdbeAddOp2(pParse->pVdbe, doHardCopy ? OP_Copy : OP_SCopy,
         3063  +                        inReg, target+i);
  3127   3064       }
  3128   3065     }
  3129   3066     return n;
  3130   3067   }
  3131   3068   
  3132   3069   /*
  3133   3070   ** Generate code for a BETWEEN operator.

Changes to src/fkey.c.

   376    376         int regTemp = sqlite3GetTempRange(pParse, nCol);
   377    377         int regRec = sqlite3GetTempReg(pParse);
   378    378         KeyInfo *pKey = sqlite3IndexKeyinfo(pParse, pIdx);
   379    379     
   380    380         sqlite3VdbeAddOp3(v, OP_OpenRead, iCur, pIdx->tnum, iDb);
   381    381         sqlite3VdbeChangeP4(v, -1, (char*)pKey, P4_KEYINFO_HANDOFF);
   382    382         for(i=0; i<nCol; i++){
   383         -        sqlite3VdbeAddOp2(v, OP_SCopy, aiCol[i]+1+regData, regTemp+i);
          383  +        sqlite3VdbeAddOp2(v, OP_Copy, aiCol[i]+1+regData, regTemp+i);
   384    384         }
   385    385     
   386    386         /* If the parent table is the same as the child table, and we are about
   387    387         ** to increment the constraint-counter (i.e. this is an INSERT operation),
   388    388         ** then check if the row being inserted matches itself. If so, do not
   389    389         ** increment the constraint-counter.  */
   390    390         if( pTab==pFKey->pFrom && nIncr==1 ){

Changes to src/select.c.

  3478   3478       int addrNext = 0;
  3479   3479       int regAgg;
  3480   3480       ExprList *pList = pF->pExpr->x.pList;
  3481   3481       assert( !ExprHasProperty(pF->pExpr, EP_xIsSelect) );
  3482   3482       if( pList ){
  3483   3483         nArg = pList->nExpr;
  3484   3484         regAgg = sqlite3GetTempRange(pParse, nArg);
  3485         -      sqlite3ExprCodeExprList(pParse, pList, regAgg, 0);
         3485  +      sqlite3ExprCodeExprList(pParse, pList, regAgg, 1);
  3486   3486       }else{
  3487   3487         nArg = 0;
  3488   3488         regAgg = 0;
  3489   3489       }
  3490   3490       if( pF->iDistinct>=0 ){
  3491   3491         addrNext = sqlite3VdbeMakeLabel(v);
  3492   3492         assert( nArg==1 );

Changes to src/sqliteInt.h.

  2686   2686   void sqlite3ExprCodeCopy(Parse*, int, int, int);
  2687   2687   void sqlite3ExprCacheStore(Parse*, int, int, int);
  2688   2688   void sqlite3ExprCachePush(Parse*);
  2689   2689   void sqlite3ExprCachePop(Parse*, int);
  2690   2690   void sqlite3ExprCacheRemove(Parse*, int, int);
  2691   2691   void sqlite3ExprCacheClear(Parse*);
  2692   2692   void sqlite3ExprCacheAffinityChange(Parse*, int, int);
  2693         -void sqlite3ExprHardCopy(Parse*,int,int);
  2694   2693   int sqlite3ExprCode(Parse*, Expr*, int);
  2695   2694   int sqlite3ExprCodeTemp(Parse*, Expr*, int*);
  2696   2695   int sqlite3ExprCodeTarget(Parse*, Expr*, int);
  2697   2696   int sqlite3ExprCodeAndCache(Parse*, Expr*, int);
  2698   2697   void sqlite3ExprCodeConstants(Parse*, Expr*);
  2699   2698   int sqlite3ExprCodeExprList(Parse*, ExprList*, int, int);
  2700   2699   void sqlite3ExprIfTrue(Parse*, Expr*, int, int);

Changes to src/vdbe.c.

    42     42   ** of the code in this file is, therefore, important.  See other comments
    43     43   ** in this file for details.  If in doubt, do not deviate from existing
    44     44   ** commenting and indentation practices when changing or adding code.
    45     45   */
    46     46   #include "sqliteInt.h"
    47     47   #include "vdbeInt.h"
    48     48   
           49  +/*
           50  +** Invoke this macro on memory cells just prior to changing the
           51  +** value of the cell.  This macro verifies that shallow copies are
           52  +** not misused.
           53  +*/
           54  +#ifdef SQLITE_DEBUG
           55  +# define memAboutToChange(P,M) sqlite3VdbeMemPrepareToChange(P,M)
           56  +#else
           57  +# define memAboutToChange(P,M)
           58  +#endif
           59  +
    49     60   /*
    50     61   ** The following global variable is incremented every time a cursor
    51     62   ** moves, either by the OP_SeekXX, OP_Next, or OP_Prev opcodes.  The test
    52     63   ** procedures use this information to make sure that indices are
    53     64   ** working correctly.  This variable has no function other than to
    54     65   ** help verify the correct operation of the library.
    55     66   */
................................................................................
   663    674       ** value or convert mem[p2] to a different type.
   664    675       */
   665    676       assert( pOp->opflags==sqlite3OpcodeProperty[pOp->opcode] );
   666    677       if( pOp->opflags & OPFLG_OUT2_PRERELEASE ){
   667    678         assert( pOp->p2>0 );
   668    679         assert( pOp->p2<=p->nMem );
   669    680         pOut = &aMem[pOp->p2];
          681  +      memAboutToChange(p, pOut);
   670    682         sqlite3VdbeMemReleaseExternal(pOut);
   671    683         pOut->flags = MEM_Int;
   672    684       }
   673    685   
   674    686       /* Sanity checking on other operands */
   675    687   #ifdef SQLITE_DEBUG
   676    688       if( (pOp->opflags & OPFLG_IN1)!=0 ){
   677    689         assert( pOp->p1>0 );
   678    690         assert( pOp->p1<=p->nMem );
          691  +      assert( memIsValid(&aMem[pOp->p1]) );
   679    692         REGISTER_TRACE(pOp->p1, &aMem[pOp->p1]);
   680    693       }
   681    694       if( (pOp->opflags & OPFLG_IN2)!=0 ){
   682    695         assert( pOp->p2>0 );
   683    696         assert( pOp->p2<=p->nMem );
          697  +      assert( memIsValid(&aMem[pOp->p2]) );
   684    698         REGISTER_TRACE(pOp->p2, &aMem[pOp->p2]);
   685    699       }
   686    700       if( (pOp->opflags & OPFLG_IN3)!=0 ){
   687    701         assert( pOp->p3>0 );
   688    702         assert( pOp->p3<=p->nMem );
          703  +      assert( memIsValid(&aMem[pOp->p3]) );
   689    704         REGISTER_TRACE(pOp->p3, &aMem[pOp->p3]);
   690    705       }
   691    706       if( (pOp->opflags & OPFLG_OUT2)!=0 ){
   692    707         assert( pOp->p2>0 );
   693    708         assert( pOp->p2<=p->nMem );
          709  +      memAboutToChange(p, &aMem[pOp->p2]);
   694    710       }
   695    711       if( (pOp->opflags & OPFLG_OUT3)!=0 ){
   696    712         assert( pOp->p3>0 );
   697    713         assert( pOp->p3<=p->nMem );
          714  +      memAboutToChange(p, &aMem[pOp->p3]);
   698    715       }
   699    716   #endif
   700    717     
   701    718       switch( pOp->opcode ){
   702    719   
   703    720   /*****************************************************************************
   704    721   ** What follows is a massive switch statement where each case implements a
................................................................................
   752    769   **
   753    770   ** Write the current address onto register P1
   754    771   ** and then jump to address P2.
   755    772   */
   756    773   case OP_Gosub: {            /* jump, in1 */
   757    774     pIn1 = &aMem[pOp->p1];
   758    775     assert( (pIn1->flags & MEM_Dyn)==0 );
          776  +  memAboutToChange(p, pIn1);
   759    777     pIn1->flags = MEM_Int;
   760    778     pIn1->u.i = pc;
   761    779     REGISTER_TRACE(pOp->p1, pIn1);
   762    780     pc = pOp->p2 - 1;
   763    781     break;
   764    782   }
   765    783   
................................................................................
  1015   1033     assert( p1+n<=p2 || p2+n<=p1 );
  1016   1034   
  1017   1035     pIn1 = &aMem[p1];
  1018   1036     pOut = &aMem[p2];
  1019   1037     while( n-- ){
  1020   1038       assert( pOut<=&aMem[p->nMem] );
  1021   1039       assert( pIn1<=&aMem[p->nMem] );
         1040  +    assert( memIsValid(pIn1) );
         1041  +    memAboutToChange(p, pOut);
  1022   1042       zMalloc = pOut->zMalloc;
  1023   1043       pOut->zMalloc = 0;
  1024   1044       sqlite3VdbeMemMove(pOut, pIn1);
  1025   1045       pIn1->zMalloc = zMalloc;
  1026   1046       REGISTER_TRACE(p2++, pOut);
  1027   1047       pIn1++;
  1028   1048       pOut++;
................................................................................
  1060   1080   ** copy.
  1061   1081   */
  1062   1082   case OP_SCopy: {            /* in1, out2 */
  1063   1083     pIn1 = &aMem[pOp->p1];
  1064   1084     pOut = &aMem[pOp->p2];
  1065   1085     assert( pOut!=pIn1 );
  1066   1086     sqlite3VdbeMemShallowCopy(pOut, pIn1, MEM_Ephem);
         1087  +#ifdef SQLITE_DEBUG
         1088  +  if( pOut->pScopyFrom==0 ) pOut->pScopyFrom = pIn1;
         1089  +#endif
  1067   1090     REGISTER_TRACE(pOp->p2, pOut);
  1068   1091     break;
  1069   1092   }
  1070   1093   
  1071   1094   /* Opcode: ResultRow P1 P2 * * *
  1072   1095   **
  1073   1096   ** The registers P1 through P1+P2-1 contain a single row of
................................................................................
  1118   1141   
  1119   1142     /* Make sure the results of the current row are \000 terminated
  1120   1143     ** and have an assigned type.  The results are de-ephemeralized as
  1121   1144     ** as side effect.
  1122   1145     */
  1123   1146     pMem = p->pResultSet = &aMem[pOp->p1];
  1124   1147     for(i=0; i<pOp->p2; i++){
         1148  +    assert( memIsValid(&pMem[i]) );
         1149  +    Deephemeralize(&pMem[i]);
         1150  +    assert( (pMem[i].flags & MEM_Ephem)==0
         1151  +            || (pMem[i].flags & (MEM_Str|MEM_Blob))==0 );
  1125   1152       sqlite3VdbeMemNulTerminate(&pMem[i]);
  1126   1153       sqlite3VdbeMemStoreType(&pMem[i]);
  1127   1154       REGISTER_TRACE(pOp->p1+i, &pMem[i]);
  1128   1155     }
  1129   1156     if( db->mallocFailed ) goto no_mem;
  1130   1157   
  1131   1158     /* Return SQLITE_ROW
................................................................................
  1343   1370     sqlite3_context ctx;
  1344   1371     sqlite3_value **apVal;
  1345   1372     int n;
  1346   1373   
  1347   1374     n = pOp->p5;
  1348   1375     apVal = p->apArg;
  1349   1376     assert( apVal || n==0 );
         1377  +  assert( pOp->p3>0 && pOp->p3<=p->nMem );
         1378  +  pOut = &aMem[pOp->p3];
         1379  +  memAboutToChange(p, pOut);
  1350   1380   
  1351   1381     assert( n==0 || (pOp->p2>0 && pOp->p2+n<=p->nMem+1) );
  1352   1382     assert( pOp->p3<pOp->p2 || pOp->p3>=pOp->p2+n );
  1353   1383     pArg = &aMem[pOp->p2];
  1354   1384     for(i=0; i<n; i++, pArg++){
         1385  +    assert( memIsValid(pArg) );
  1355   1386       apVal[i] = pArg;
         1387  +    Deephemeralize(pArg);
  1356   1388       sqlite3VdbeMemStoreType(pArg);
  1357   1389       REGISTER_TRACE(pOp->p2+i, pArg);
  1358   1390     }
  1359   1391   
  1360   1392     assert( pOp->p4type==P4_FUNCDEF || pOp->p4type==P4_VDBEFUNC );
  1361   1393     if( pOp->p4type==P4_FUNCDEF ){
  1362   1394       ctx.pFunc = pOp->p4.pFunc;
  1363   1395       ctx.pVdbeFunc = 0;
  1364   1396     }else{
  1365   1397       ctx.pVdbeFunc = (VdbeFunc*)pOp->p4.pVdbeFunc;
  1366   1398       ctx.pFunc = ctx.pVdbeFunc->pFunc;
  1367   1399     }
  1368   1400   
  1369         -  assert( pOp->p3>0 && pOp->p3<=p->nMem );
  1370         -  pOut = &aMem[pOp->p3];
  1371   1401     ctx.s.flags = MEM_Null;
  1372   1402     ctx.s.db = db;
  1373   1403     ctx.s.xDel = 0;
  1374   1404     ctx.s.zMalloc = 0;
  1375   1405   
  1376   1406     /* The output cell may already have a buffer allocated. Move
  1377   1407     ** the pointer to ctx.s so in case the user-function can use
................................................................................
  1483   1513   ** Add the constant P2 to the value in register P1.
  1484   1514   ** The result is always an integer.
  1485   1515   **
  1486   1516   ** To force any register to be an integer, just add 0.
  1487   1517   */
  1488   1518   case OP_AddImm: {            /* in1 */
  1489   1519     pIn1 = &aMem[pOp->p1];
         1520  +  memAboutToChange(p, pIn1);
  1490   1521     sqlite3VdbeMemIntegerify(pIn1);
  1491   1522     pIn1->u.i += pOp->p2;
  1492   1523     break;
  1493   1524   }
  1494   1525   
  1495   1526   /* Opcode: MustBeInt P1 P2 * * *
  1496   1527   ** 
................................................................................
  1497   1528   ** Force the value in register P1 to be an integer.  If the value
  1498   1529   ** in P1 is not an integer and cannot be converted into an integer
  1499   1530   ** without data loss, then jump immediately to P2, or if P2==0
  1500   1531   ** raise an SQLITE_MISMATCH exception.
  1501   1532   */
  1502   1533   case OP_MustBeInt: {            /* jump, in1 */
  1503   1534     pIn1 = &aMem[pOp->p1];
         1535  +  memAboutToChange(p, pIn1);
  1504   1536     applyAffinity(pIn1, SQLITE_AFF_NUMERIC, encoding);
  1505   1537     if( (pIn1->flags & MEM_Int)==0 ){
  1506   1538       if( pOp->p2==0 ){
  1507   1539         rc = SQLITE_MISMATCH;
  1508   1540         goto abort_due_to_error;
  1509   1541       }else{
  1510   1542         pc = pOp->p2 - 1;
................................................................................
  1523   1555   ** This opcode is used when extracting information from a column that
  1524   1556   ** has REAL affinity.  Such column values may still be stored as
  1525   1557   ** integers, for space efficiency, but after extraction we want them
  1526   1558   ** to have only a real value.
  1527   1559   */
  1528   1560   case OP_RealAffinity: {                  /* in1 */
  1529   1561     pIn1 = &aMem[pOp->p1];
         1562  +  memAboutToChange(p, pIn1);
  1530   1563     if( pIn1->flags & MEM_Int ){
  1531   1564       sqlite3VdbeMemRealify(pIn1);
  1532   1565     }
  1533   1566     break;
  1534   1567   }
  1535   1568   #endif
  1536   1569   
................................................................................
  1542   1575   ** equivalent of printf().  Blob values are unchanged and
  1543   1576   ** are afterwards simply interpreted as text.
  1544   1577   **
  1545   1578   ** A NULL value is not changed by this routine.  It remains NULL.
  1546   1579   */
  1547   1580   case OP_ToText: {                  /* same as TK_TO_TEXT, in1 */
  1548   1581     pIn1 = &aMem[pOp->p1];
         1582  +  memAboutToChange(p, pIn1);
  1549   1583     if( pIn1->flags & MEM_Null ) break;
  1550   1584     assert( MEM_Str==(MEM_Blob>>3) );
  1551   1585     pIn1->flags |= (pIn1->flags&MEM_Blob)>>3;
  1552   1586     applyAffinity(pIn1, SQLITE_AFF_TEXT, encoding);
  1553   1587     rc = ExpandBlob(pIn1);
  1554   1588     assert( pIn1->flags & MEM_Str || db->mallocFailed );
  1555   1589     pIn1->flags &= ~(MEM_Int|MEM_Real|MEM_Blob|MEM_Zero);
................................................................................
  1564   1598   ** Strings are simply reinterpreted as blobs with no change
  1565   1599   ** to the underlying data.
  1566   1600   **
  1567   1601   ** A NULL value is not changed by this routine.  It remains NULL.
  1568   1602   */
  1569   1603   case OP_ToBlob: {                  /* same as TK_TO_BLOB, in1 */
  1570   1604     pIn1 = &aMem[pOp->p1];
         1605  +  memAboutToChange(p, pIn1);
  1571   1606     if( pIn1->flags & MEM_Null ) break;
  1572   1607     if( (pIn1->flags & MEM_Blob)==0 ){
  1573   1608       applyAffinity(pIn1, SQLITE_AFF_TEXT, encoding);
  1574   1609       assert( pIn1->flags & MEM_Str || db->mallocFailed );
  1575   1610       MemSetTypeFlag(pIn1, MEM_Blob);
  1576   1611     }else{
  1577   1612       pIn1->flags &= ~(MEM_TypeMask&~MEM_Blob);
................................................................................
  1588   1623   ** equivalent of atoi() or atof() and store 0 if no such conversion 
  1589   1624   ** is possible.
  1590   1625   **
  1591   1626   ** A NULL value is not changed by this routine.  It remains NULL.
  1592   1627   */
  1593   1628   case OP_ToNumeric: {                  /* same as TK_TO_NUMERIC, in1 */
  1594   1629     pIn1 = &aMem[pOp->p1];
         1630  +  memAboutToChange(p, pIn1);
  1595   1631     if( (pIn1->flags & (MEM_Null|MEM_Int|MEM_Real))==0 ){
  1596   1632       sqlite3VdbeMemNumerify(pIn1);
  1597   1633     }
  1598   1634     break;
  1599   1635   }
  1600   1636   #endif /* SQLITE_OMIT_CAST */
  1601   1637   
................................................................................
  1606   1642   ** If the value is text or blob, try to convert it to an integer using the
  1607   1643   ** equivalent of atoi() and store 0 if no such conversion is possible.
  1608   1644   **
  1609   1645   ** A NULL value is not changed by this routine.  It remains NULL.
  1610   1646   */
  1611   1647   case OP_ToInt: {                  /* same as TK_TO_INT, in1 */
  1612   1648     pIn1 = &aMem[pOp->p1];
         1649  +  memAboutToChange(p, pIn1);
  1613   1650     if( (pIn1->flags & MEM_Null)==0 ){
  1614   1651       sqlite3VdbeMemIntegerify(pIn1);
  1615   1652     }
  1616   1653     break;
  1617   1654   }
  1618   1655   
  1619   1656   #if !defined(SQLITE_OMIT_CAST) && !defined(SQLITE_OMIT_FLOATING_POINT)
................................................................................
  1624   1661   ** If the value is text or blob, try to convert it to an integer using the
  1625   1662   ** equivalent of atoi() and store 0.0 if no such conversion is possible.
  1626   1663   **
  1627   1664   ** A NULL value is not changed by this routine.  It remains NULL.
  1628   1665   */
  1629   1666   case OP_ToReal: {                  /* same as TK_TO_REAL, in1 */
  1630   1667     pIn1 = &aMem[pOp->p1];
         1668  +  memAboutToChange(p, pIn1);
  1631   1669     if( (pIn1->flags & MEM_Null)==0 ){
  1632   1670       sqlite3VdbeMemRealify(pIn1);
  1633   1671     }
  1634   1672     break;
  1635   1673   }
  1636   1674   #endif /* !defined(SQLITE_OMIT_CAST) && !defined(SQLITE_OMIT_FLOATING_POINT) */
  1637   1675   
................................................................................
  1716   1754     int res;            /* Result of the comparison of pIn1 against pIn3 */
  1717   1755     char affinity;      /* Affinity to use for comparison */
  1718   1756     u16 flags1;         /* Copy of initial value of pIn1->flags */
  1719   1757     u16 flags3;         /* Copy of initial value of pIn3->flags */
  1720   1758   
  1721   1759     pIn1 = &aMem[pOp->p1];
  1722   1760     pIn3 = &aMem[pOp->p3];
         1761  +  memAboutToChange(p, pIn1);
         1762  +  memAboutToChange(p, pIn3);
  1723   1763     flags1 = pIn1->flags;
  1724   1764     flags3 = pIn3->flags;
  1725   1765     if( (pIn1->flags | pIn3->flags)&MEM_Null ){
  1726   1766       /* One or both operands are NULL */
  1727   1767       if( pOp->p5 & SQLITE_NULLEQ ){
  1728   1768         /* If SQLITE_NULLEQ is set (which will only happen if the operator is
  1729   1769         ** OP_Eq or OP_Ne) then take the jump or not depending on whether
................................................................................
  1766   1806       case OP_Le:    res = res<=0;     break;
  1767   1807       case OP_Gt:    res = res>0;      break;
  1768   1808       default:       res = res>=0;     break;
  1769   1809     }
  1770   1810   
  1771   1811     if( pOp->p5 & SQLITE_STOREP2 ){
  1772   1812       pOut = &aMem[pOp->p2];
         1813  +    memAboutToChange(p, pOut);
  1773   1814       MemSetTypeFlag(pOut, MEM_Int);
  1774   1815       pOut->u.i = res;
  1775   1816       REGISTER_TRACE(pOp->p2, pOut);
  1776   1817     }else if( res ){
  1777   1818       pc = pOp->p2-1;
  1778   1819     }
  1779   1820   
................................................................................
  1838   1879     }else{
  1839   1880       assert( p1>0 && p1+n<=p->nMem+1 );
  1840   1881       assert( p2>0 && p2+n<=p->nMem+1 );
  1841   1882     }
  1842   1883   #endif /* SQLITE_DEBUG */
  1843   1884     for(i=0; i<n; i++){
  1844   1885       idx = aPermute ? aPermute[i] : i;
         1886  +    assert( memIsValid(&aMem[p1+idx]) );
         1887  +    assert( memIsValid(&aMem[p2+idx]) );
  1845   1888       REGISTER_TRACE(p1+idx, &aMem[p1+idx]);
  1846   1889       REGISTER_TRACE(p2+idx, &aMem[p2+idx]);
  1847   1890       assert( i<pKeyInfo->nField );
  1848   1891       pColl = pKeyInfo->aColl[i];
  1849   1892       bRev = pKeyInfo->aSortOrder[i];
  1850   1893       iCompare = sqlite3MemCompare(&aMem[p1+idx], &aMem[p2+idx], pColl);
  1851   1894       if( iCompare ){
................................................................................
  2063   2106     p1 = pOp->p1;
  2064   2107     p2 = pOp->p2;
  2065   2108     pC = 0;
  2066   2109     memset(&sMem, 0, sizeof(sMem));
  2067   2110     assert( p1<p->nCursor );
  2068   2111     assert( pOp->p3>0 && pOp->p3<=p->nMem );
  2069   2112     pDest = &aMem[pOp->p3];
         2113  +  memAboutToChange(p, pDest);
  2070   2114     MemSetTypeFlag(pDest, MEM_Null);
  2071   2115     zRec = 0;
  2072   2116   
  2073   2117     /* This block sets the variable payloadSize to be the total number of
  2074   2118     ** bytes in the record.
  2075   2119     **
  2076   2120     ** zRec is set to be the complete text of the record if it is available.
................................................................................
  2110   2154         assert( sqlite3BtreeCursorIsValid(pCrsr) );
  2111   2155         rc = sqlite3BtreeDataSize(pCrsr, &payloadSize);
  2112   2156         assert( rc==SQLITE_OK );   /* DataSize() cannot fail */
  2113   2157       }
  2114   2158     }else if( pC->pseudoTableReg>0 ){
  2115   2159       pReg = &aMem[pC->pseudoTableReg];
  2116   2160       assert( pReg->flags & MEM_Blob );
         2161  +    assert( memIsValid(pReg) );
  2117   2162       payloadSize = pReg->n;
  2118   2163       zRec = pReg->z;
  2119   2164       pC->cacheStatus = (pOp->p5&OPFLAG_CLEARCACHE) ? CACHE_STALE : p->cacheCtr;
  2120   2165       assert( payloadSize==0 || zRec!=0 );
  2121   2166     }else{
  2122   2167       /* Consider the row to be NULL */
  2123   2168       payloadSize = 0;
................................................................................
  2332   2377   
  2333   2378     zAffinity = pOp->p4.z;
  2334   2379     assert( zAffinity!=0 );
  2335   2380     assert( zAffinity[pOp->p2]==0 );
  2336   2381     pIn1 = &aMem[pOp->p1];
  2337   2382     while( (cAff = *(zAffinity++))!=0 ){
  2338   2383       assert( pIn1 <= &p->aMem[p->nMem] );
         2384  +    assert( memIsValid(pIn1) );
         2385  +    memAboutToChange(p, pIn1);
  2339   2386       ExpandBlob(pIn1);
  2340   2387       applyAffinity(pIn1, cAff, encoding);
  2341   2388       pIn1++;
  2342   2389     }
  2343   2390     break;
  2344   2391   }
  2345   2392   
................................................................................
  2400   2447     nField = pOp->p1;
  2401   2448     zAffinity = pOp->p4.z;
  2402   2449     assert( nField>0 && pOp->p2>0 && pOp->p2+nField<=p->nMem+1 );
  2403   2450     pData0 = &aMem[nField];
  2404   2451     nField = pOp->p2;
  2405   2452     pLast = &pData0[nField-1];
  2406   2453     file_format = p->minWriteFileFormat;
         2454  +
         2455  +  /* Identify the output register */
         2456  +  assert( pOp->p3<pOp->p1 || pOp->p3>=pOp->p1+pOp->p2 );
         2457  +  pOut = &aMem[pOp->p3];
         2458  +  memAboutToChange(p, pOut);
  2407   2459   
  2408   2460     /* Loop through the elements that will make up the record to figure
  2409   2461     ** out how much space is required for the new record.
  2410   2462     */
  2411   2463     for(pRec=pData0; pRec<=pLast; pRec++){
         2464  +    assert( memIsValid(pRec) );
  2412   2465       if( zAffinity ){
         2466  +      memAboutToChange(p, pRec);
  2413   2467         applyAffinity(pRec, zAffinity[pRec-pData0], encoding);
  2414   2468       }
  2415   2469       if( pRec->flags&MEM_Zero && pRec->n>0 ){
  2416   2470         sqlite3VdbeMemExpandBlob(pRec);
  2417   2471       }
  2418   2472       serial_type = sqlite3VdbeSerialType(pRec, file_format);
  2419   2473       len = sqlite3VdbeSerialTypeLen(serial_type);
................................................................................
  2439   2493     }
  2440   2494   
  2441   2495     /* Make sure the output register has a buffer large enough to store 
  2442   2496     ** the new record. The output register (pOp->p3) is not allowed to
  2443   2497     ** be one of the input registers (because the following call to
  2444   2498     ** sqlite3VdbeMemGrow() could clobber the value before it is used).
  2445   2499     */
  2446         -  assert( pOp->p3<pOp->p1 || pOp->p3>=pOp->p1+pOp->p2 );
  2447         -  pOut = &aMem[pOp->p3];
  2448   2500     if( sqlite3VdbeMemGrow(pOut, (int)nByte, 0) ){
  2449   2501       goto no_mem;
  2450   2502     }
  2451   2503     zNewRecord = (u8 *)pOut->z;
  2452   2504   
  2453   2505     /* Write the record */
  2454   2506     i = putVarint32(zNewRecord, nHdr);
................................................................................
  2987   3039     }else{
  2988   3040       wrFlag = 0;
  2989   3041     }
  2990   3042     if( pOp->p5 ){
  2991   3043       assert( p2>0 );
  2992   3044       assert( p2<=p->nMem );
  2993   3045       pIn2 = &aMem[p2];
         3046  +    assert( memIsValid(pIn2) );
         3047  +    assert( (pIn2->flags & MEM_Int)!=0 );
  2994   3048       sqlite3VdbeMemIntegerify(pIn2);
  2995   3049       p2 = (int)pIn2->u.i;
  2996   3050       /* The p2 value always comes from a prior OP_CreateTable opcode and
  2997   3051       ** that opcode will always set the p2 value to 2 or more or else fail.
  2998   3052       ** If there were a failure, the prepared statement would have halted
  2999   3053       ** before reaching this instruction. */
  3000   3054       if( NEVER(p2<2) ) {
................................................................................
  3298   3352         r.flags = (u16)(UNPACKED_INCRKEY * (1 & (oc - OP_SeekLt)));
  3299   3353         assert( oc!=OP_SeekGt || r.flags==UNPACKED_INCRKEY );
  3300   3354         assert( oc!=OP_SeekLe || r.flags==UNPACKED_INCRKEY );
  3301   3355         assert( oc!=OP_SeekGe || r.flags==0 );
  3302   3356         assert( oc!=OP_SeekLt || r.flags==0 );
  3303   3357   
  3304   3358         r.aMem = &aMem[pOp->p3];
         3359  +#ifdef SQLITE_DEBUG
         3360  +      { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
         3361  +#endif
  3305   3362         ExpandBlob(r.aMem);
  3306   3363         rc = sqlite3BtreeMovetoUnpacked(pC->pCursor, &r, 0, 0, &res);
  3307   3364         if( rc!=SQLITE_OK ){
  3308   3365           goto abort_due_to_error;
  3309   3366         }
  3310   3367         pC->rowidIsValid = 0;
  3311   3368       }
................................................................................
  3424   3481     if( ALWAYS(pC->pCursor!=0) ){
  3425   3482   
  3426   3483       assert( pC->isTable==0 );
  3427   3484       if( pOp->p4.i>0 ){
  3428   3485         r.pKeyInfo = pC->pKeyInfo;
  3429   3486         r.nField = (u16)pOp->p4.i;
  3430   3487         r.aMem = pIn3;
         3488  +#ifdef SQLITE_DEBUG
         3489  +      { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
         3490  +#endif
  3431   3491         r.flags = UNPACKED_PREFIX_MATCH;
  3432   3492         pIdxKey = &r;
  3433   3493       }else{
  3434   3494         assert( pIn3->flags & MEM_Blob );
  3435         -      ExpandBlob(pIn3);
         3495  +      assert( (pIn3->flags & MEM_Zero)==0 );  /* zeroblobs already expanded */
  3436   3496         pIdxKey = sqlite3VdbeRecordUnpack(pC->pKeyInfo, pIn3->n, pIn3->z,
  3437   3497                                           aTempRec, sizeof(aTempRec));
  3438   3498         if( pIdxKey==0 ){
  3439   3499           goto no_mem;
  3440   3500         }
  3441   3501         pIdxKey->flags |= UNPACKED_PREFIX_MATCH;
  3442   3502       }
................................................................................
  3521   3581   
  3522   3582     if( pCrsr!=0 ){
  3523   3583       /* Populate the index search key. */
  3524   3584       r.pKeyInfo = pCx->pKeyInfo;
  3525   3585       r.nField = nField + 1;
  3526   3586       r.flags = UNPACKED_PREFIX_SEARCH;
  3527   3587       r.aMem = aMx;
         3588  +#ifdef SQLITE_DEBUG
         3589  +    { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
         3590  +#endif
  3528   3591   
  3529   3592       /* Extract the value of R from register P3. */
  3530   3593       sqlite3VdbeMemIntegerify(pIn3);
  3531   3594       R = pIn3->u.i;
  3532   3595   
  3533   3596       /* Search the B-Tree index. If no conflicting record is found, jump
  3534   3597       ** to P2. Otherwise, copy the rowid of the conflicting record to
................................................................................
  3697   3760             /* Assert that P3 is a valid memory cell. */
  3698   3761             assert( pOp->p3<=pFrame->nMem );
  3699   3762             pMem = &pFrame->aMem[pOp->p3];
  3700   3763           }else{
  3701   3764             /* Assert that P3 is a valid memory cell. */
  3702   3765             assert( pOp->p3<=p->nMem );
  3703   3766             pMem = &aMem[pOp->p3];
         3767  +          memAboutToChange(p, pMem);
  3704   3768           }
         3769  +        assert( memIsValid(pMem) );
  3705   3770   
  3706   3771           REGISTER_TRACE(pOp->p3, pMem);
  3707   3772           sqlite3VdbeMemIntegerify(pMem);
  3708   3773           assert( (pMem->flags & MEM_Int)!=0 );  /* mem(P3) holds an integer */
  3709   3774           if( pMem->u.i==MAX_ROWID || pC->useRandomRowid ){
  3710   3775             rc = SQLITE_FULL;   /* IMP: R-12275-61338 */
  3711   3776             goto abort_due_to_error;
................................................................................
  3806   3871     int seekResult;   /* Result of prior seek or 0 if no USESEEKRESULT flag */
  3807   3872     const char *zDb;  /* database name - used by the update hook */
  3808   3873     const char *zTbl; /* Table name - used by the opdate hook */
  3809   3874     int op;           /* Opcode for update hook: SQLITE_UPDATE or SQLITE_INSERT */
  3810   3875   
  3811   3876     pData = &aMem[pOp->p2];
  3812   3877     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
         3878  +  assert( memIsValid(pData) );
  3813   3879     pC = p->apCsr[pOp->p1];
  3814   3880     assert( pC!=0 );
  3815   3881     assert( pC->pCursor!=0 );
  3816   3882     assert( pC->pseudoTableReg==0 );
  3817   3883     assert( pC->isTable );
  3818   3884     REGISTER_TRACE(pOp->p2, pData);
  3819   3885   
  3820   3886     if( pOp->opcode==OP_Insert ){
  3821   3887       pKey = &aMem[pOp->p3];
  3822   3888       assert( pKey->flags & MEM_Int );
         3889  +    assert( memIsValid(pKey) );
  3823   3890       REGISTER_TRACE(pOp->p3, pKey);
  3824   3891       iKey = pKey->u.i;
  3825   3892     }else{
  3826   3893       assert( pOp->opcode==OP_InsertInt );
  3827   3894       iKey = pOp->p3;
  3828   3895     }
  3829   3896   
................................................................................
  3963   4030   case OP_RowData: {
  3964   4031     VdbeCursor *pC;
  3965   4032     BtCursor *pCrsr;
  3966   4033     u32 n;
  3967   4034     i64 n64;
  3968   4035   
  3969   4036     pOut = &aMem[pOp->p2];
         4037  +  memAboutToChange(p, pOut);
  3970   4038   
  3971   4039     /* Note that RowKey and RowData are really exactly the same instruction */
  3972   4040     assert( pOp->p1>=0 && pOp->p1<p->nCursor );
  3973   4041     pC = p->apCsr[pOp->p1];
  3974   4042     assert( pC->isTable || pOp->opcode==OP_RowKey );
  3975   4043     assert( pC->isIndex || pOp->opcode==OP_RowData );
  3976   4044     assert( pC!=0 );
................................................................................
  4305   4373     assert( pC!=0 );
  4306   4374     pCrsr = pC->pCursor;
  4307   4375     if( ALWAYS(pCrsr!=0) ){
  4308   4376       r.pKeyInfo = pC->pKeyInfo;
  4309   4377       r.nField = (u16)pOp->p3;
  4310   4378       r.flags = 0;
  4311   4379       r.aMem = &aMem[pOp->p2];
         4380  +#ifdef SQLITE_DEBUG
         4381  +    { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
         4382  +#endif
  4312   4383       rc = sqlite3BtreeMovetoUnpacked(pCrsr, &r, 0, 0, &res);
  4313   4384       if( rc==SQLITE_OK && res==0 ){
  4314   4385         rc = sqlite3BtreeDelete(pCrsr);
  4315   4386       }
  4316   4387       assert( pC->deferredMoveto==0 );
  4317   4388       pC->cacheStatus = CACHE_STALE;
  4318   4389     }
................................................................................
  4398   4469       r.nField = (u16)pOp->p4.i;
  4399   4470       if( pOp->p5 ){
  4400   4471         r.flags = UNPACKED_INCRKEY | UNPACKED_IGNORE_ROWID;
  4401   4472       }else{
  4402   4473         r.flags = UNPACKED_IGNORE_ROWID;
  4403   4474       }
  4404   4475       r.aMem = &aMem[pOp->p3];
         4476  +#ifdef SQLITE_DEBUG
         4477  +    { int i; for(i=0; i<r.nField; i++) assert( memIsValid(&r.aMem[i]) ); }
         4478  +#endif
  4405   4479       rc = sqlite3VdbeIdxKeyCompare(pC, &r, &res);
  4406   4480       if( pOp->opcode==OP_IdxLT ){
  4407   4481         res = -res;
  4408   4482       }else{
  4409   4483         assert( pOp->opcode==OP_IdxGE );
  4410   4484         res++;
  4411   4485       }
................................................................................
  4497   4571     assert( (p->btreeMask & (1<<pOp->p2))!=0 );
  4498   4572     rc = sqlite3BtreeClearTable(
  4499   4573         db->aDb[pOp->p2].pBt, pOp->p1, (pOp->p3 ? &nChange : 0)
  4500   4574     );
  4501   4575     if( pOp->p3 ){
  4502   4576       p->nChange += nChange;
  4503   4577       if( pOp->p3>0 ){
         4578  +      assert( memIsValid(&aMem[pOp->p3]) );
         4579  +      memAboutToChange(p, &aMem[pOp->p3]);
  4504   4580         aMem[pOp->p3].u.i += nChange;
  4505   4581       }
  4506   4582     }
  4507   4583     break;
  4508   4584   }
  4509   4585   
  4510   4586   /* Opcode: CreateTable P1 P2 * * *
................................................................................
  4859   4935     Mem *pEnd;              /* Last memory cell in new array */
  4860   4936     VdbeFrame *pFrame;      /* New vdbe frame to execute in */
  4861   4937     SubProgram *pProgram;   /* Sub-program to execute */
  4862   4938     void *t;                /* Token identifying trigger */
  4863   4939   
  4864   4940     pProgram = pOp->p4.pProgram;
  4865   4941     pRt = &aMem[pOp->p3];
         4942  +  assert( memIsValid(pRt) );
  4866   4943     assert( pProgram->nOp>0 );
  4867   4944     
  4868   4945     /* If the p5 flag is clear, then recursive invocation of triggers is 
  4869   4946     ** disabled for backwards compatibility (p5 is set if this sub-program
  4870   4947     ** is really a trigger, not a foreign key action, and the flag set
  4871   4948     ** and cleared by the "PRAGMA recursive_triggers" command is clear).
  4872   4949     ** 
................................................................................
  5028   5105     VdbeFrame *pFrame;
  5029   5106     if( p->pFrame ){
  5030   5107       for(pFrame=p->pFrame; pFrame->pParent; pFrame=pFrame->pParent);
  5031   5108       pIn1 = &pFrame->aMem[pOp->p1];
  5032   5109     }else{
  5033   5110       pIn1 = &aMem[pOp->p1];
  5034   5111     }
         5112  +  assert( memIsValid(pIn1) );
  5035   5113     sqlite3VdbeMemIntegerify(pIn1);
  5036   5114     pIn2 = &aMem[pOp->p2];
  5037   5115     sqlite3VdbeMemIntegerify(pIn2);
  5038   5116     if( pIn1->u.i<pIn2->u.i){
  5039   5117       pIn1->u.i = pIn2->u.i;
  5040   5118     }
  5041   5119     break;
................................................................................
  5112   5190   
  5113   5191     n = pOp->p5;
  5114   5192     assert( n>=0 );
  5115   5193     pRec = &aMem[pOp->p2];
  5116   5194     apVal = p->apArg;
  5117   5195     assert( apVal || n==0 );
  5118   5196     for(i=0; i<n; i++, pRec++){
         5197  +    assert( memIsValid(pRec) );
  5119   5198       apVal[i] = pRec;
         5199  +    memAboutToChange(p, pRec);
  5120   5200       sqlite3VdbeMemStoreType(pRec);
  5121   5201     }
  5122   5202     ctx.pFunc = pOp->p4.pFunc;
  5123   5203     assert( pOp->p3>0 && pOp->p3<=p->nMem );
  5124   5204     ctx.pMem = pMem = &aMem[pOp->p3];
  5125   5205     pMem->n++;
  5126   5206     ctx.s.flags = MEM_Null;
................................................................................
  5507   5587     int res;
  5508   5588     int i;
  5509   5589     Mem **apArg;
  5510   5590   
  5511   5591     pQuery = &aMem[pOp->p3];
  5512   5592     pArgc = &pQuery[1];
  5513   5593     pCur = p->apCsr[pOp->p1];
         5594  +  assert( memIsValid(pQuery) );
  5514   5595     REGISTER_TRACE(pOp->p3, pQuery);
  5515   5596     assert( pCur->pVtabCursor );
  5516   5597     pVtabCursor = pCur->pVtabCursor;
  5517   5598     pVtab = pVtabCursor->pVtab;
  5518   5599     pModule = pVtab->pModule;
  5519   5600   
  5520   5601     /* Grab the index number and argc parameters */
................................................................................
  5562   5643     Mem *pDest;
  5563   5644     sqlite3_context sContext;
  5564   5645   
  5565   5646     VdbeCursor *pCur = p->apCsr[pOp->p1];
  5566   5647     assert( pCur->pVtabCursor );
  5567   5648     assert( pOp->p3>0 && pOp->p3<=p->nMem );
  5568   5649     pDest = &aMem[pOp->p3];
         5650  +  memAboutToChange(p, pDest);
  5569   5651     if( pCur->nullRow ){
  5570   5652       sqlite3VdbeMemSetNull(pDest);
  5571   5653       break;
  5572   5654     }
  5573   5655     pVtab = pCur->pVtabCursor->pVtab;
  5574   5656     pModule = pVtab->pModule;
  5575   5657     assert( pModule->xColumn );
................................................................................
  5660   5742   case OP_VRename: {
  5661   5743     sqlite3_vtab *pVtab;
  5662   5744     Mem *pName;
  5663   5745   
  5664   5746     pVtab = pOp->p4.pVtab->pVtab;
  5665   5747     pName = &aMem[pOp->p1];
  5666   5748     assert( pVtab->pModule->xRename );
         5749  +  assert( memIsValid(pName) );
  5667   5750     REGISTER_TRACE(pOp->p1, pName);
  5668   5751     assert( pName->flags & MEM_Str );
  5669   5752     rc = pVtab->pModule->xRename(pVtab, pName->z);
  5670   5753     importVtabErrMsg(p, pVtab);
  5671   5754   
  5672   5755     break;
  5673   5756   }
................................................................................
  5710   5793     pModule = (sqlite3_module *)pVtab->pModule;
  5711   5794     nArg = pOp->p2;
  5712   5795     assert( pOp->p4type==P4_VTAB );
  5713   5796     if( ALWAYS(pModule->xUpdate) ){
  5714   5797       apArg = p->apArg;
  5715   5798       pX = &aMem[pOp->p3];
  5716   5799       for(i=0; i<nArg; i++){
         5800  +      assert( memIsValid(pX) );
         5801  +      memAboutToChange(p, pX);
  5717   5802         sqlite3VdbeMemStoreType(pX);
  5718   5803         apArg[i] = pX;
  5719   5804         pX++;
  5720   5805       }
  5721   5806       rc = pModule->xUpdate(pVtab, nArg, apArg, &rowid);
  5722   5807       importVtabErrMsg(p, pVtab);
  5723   5808       if( rc==SQLITE_OK && pOp->p1 ){

Changes to src/vdbeInt.h.

   148    148     double r;           /* Real value */
   149    149     sqlite3 *db;        /* The associated database connection */
   150    150     char *z;            /* String or BLOB value */
   151    151     int n;              /* Number of characters in string value, excluding '\0' */
   152    152     u16 flags;          /* Some combination of MEM_Null, MEM_Str, MEM_Dyn, etc. */
   153    153     u8  type;           /* One of SQLITE_NULL, SQLITE_TEXT, SQLITE_INTEGER, etc */
   154    154     u8  enc;            /* SQLITE_UTF8, SQLITE_UTF16BE, SQLITE_UTF16LE */
          155  +#ifdef SQLITE_DEBUG
          156  +  Mem *pScopyFrom;    /* This Mem is a shallow copy of pScopyFrom */
          157  +  void *pFiller;      /* So that sizeof(Mem) is a multiple of 8 */
          158  +#endif
   155    159     void (*xDel)(void *);  /* If not null, call this function to delete Mem.z */
   156    160     char *zMalloc;      /* Dynamic buffer allocated by sqlite3_malloc() */
   157    161   };
   158    162   
   159    163   /* One or more of the following flags are set to indicate the validOK
   160    164   ** representations of the value stored in the Mem struct.
   161    165   **
................................................................................
   174    178   #define MEM_Null      0x0001   /* Value is NULL */
   175    179   #define MEM_Str       0x0002   /* Value is a string */
   176    180   #define MEM_Int       0x0004   /* Value is an integer */
   177    181   #define MEM_Real      0x0008   /* Value is a real number */
   178    182   #define MEM_Blob      0x0010   /* Value is a BLOB */
   179    183   #define MEM_RowSet    0x0020   /* Value is a RowSet object */
   180    184   #define MEM_Frame     0x0040   /* Value is a VdbeFrame object */
          185  +#define MEM_Invalid   0x0080   /* Value is undefined */
   181    186   #define MEM_TypeMask  0x00ff   /* Mask of type bits */
   182    187   
   183    188   /* Whenever Mem contains a valid string or blob representation, one of
   184    189   ** the following flags must be set to determine the memory management
   185    190   ** policy for Mem.z.  The MEM_Term flag tells us whether or not the
   186    191   ** string is \000 or \u0000 terminated
   187    192   */
   188    193   #define MEM_Term      0x0200   /* String rep is nul terminated */
   189    194   #define MEM_Dyn       0x0400   /* Need to call sqliteFree() on Mem.z */
   190    195   #define MEM_Static    0x0800   /* Mem.z points to a static string */
   191    196   #define MEM_Ephem     0x1000   /* Mem.z points to an ephemeral string */
   192    197   #define MEM_Agg       0x2000   /* Mem.z points to an agg function context */
   193    198   #define MEM_Zero      0x4000   /* Mem.i contains count of 0s appended to blob */
   194         -
   195    199   #ifdef SQLITE_OMIT_INCRBLOB
   196    200     #undef MEM_Zero
   197    201     #define MEM_Zero 0x0000
   198    202   #endif
   199         -
   200    203   
   201    204   /*
   202    205   ** Clear any existing type flags from a Mem and replace them with f
   203    206   */
   204    207   #define MemSetTypeFlag(p, f) \
   205    208      ((p)->flags = ((p)->flags&~(MEM_TypeMask|MEM_Zero))|f)
   206    209   
          210  +/*
          211  +** Return true if a memory cell is not marked as invalid.  This macro
          212  +** is for use inside assert() statements only.
          213  +*/
          214  +#ifdef SQLITE_DEBUG
          215  +#define memIsValid(M)  ((M)->flags & MEM_Invalid)==0
          216  +#endif
          217  +
   207    218   
   208    219   /* A VdbeFunc is just a FuncDef (defined in sqliteInt.h) that contains
   209    220   ** additional information about auxiliary information bound to arguments
   210    221   ** of the function.  This is used to implement the sqlite3_get_auxdata()
   211    222   ** and sqlite3_set_auxdata() APIs.  The "auxdata" is some auxiliary data
   212    223   ** that can be associated with a constant argument to a function.  This
   213    224   ** allows functions such as "regexp" to compile their constant regular
................................................................................
   387    398   int sqlite3VdbeMemFinalize(Mem*, FuncDef*);
   388    399   const char *sqlite3OpcodeName(int);
   389    400   int sqlite3VdbeMemGrow(Mem *pMem, int n, int preserve);
   390    401   int sqlite3VdbeCloseStatement(Vdbe *, int);
   391    402   void sqlite3VdbeFrameDelete(VdbeFrame*);
   392    403   int sqlite3VdbeFrameRestore(VdbeFrame *);
   393    404   void sqlite3VdbeMemStoreType(Mem *pMem);
          405  +
          406  +#ifdef SQLITE_DEBUG
          407  +void sqlite3VdbeMemPrepareToChange(Vdbe*,Mem*);
          408  +#endif
   394    409   
   395    410   #ifndef SQLITE_OMIT_FOREIGN_KEY
   396    411   int sqlite3VdbeCheckFk(Vdbe *, int);
   397    412   #else
   398    413   # define sqlite3VdbeCheckFk(p,i) 0
   399    414   #endif
   400    415   

Changes to src/vdbemem.c.

   128    128     if( (f&(MEM_Str|MEM_Blob)) && pMem->z!=pMem->zMalloc ){
   129    129       if( sqlite3VdbeMemGrow(pMem, pMem->n + 2, 1) ){
   130    130         return SQLITE_NOMEM;
   131    131       }
   132    132       pMem->z[pMem->n] = 0;
   133    133       pMem->z[pMem->n+1] = 0;
   134    134       pMem->flags |= MEM_Term;
          135  +#ifdef SQLITE_DEBUG
          136  +    pMem->pScopyFrom = 0;
          137  +#endif
   135    138     }
   136    139   
   137    140     return SQLITE_OK;
   138    141   }
   139    142   
   140    143   /*
   141    144   ** If the given Mem* has a zero-filled tail, turn it into an ordinary
................................................................................
   589    592         n += p->u.nZero;
   590    593       }
   591    594       return n>p->db->aLimit[SQLITE_LIMIT_LENGTH];
   592    595     }
   593    596     return 0; 
   594    597   }
   595    598   
          599  +#ifdef SQLITE_DEBUG
          600  +/*
          601  +** This routine prepares a memory cell for modication by breaking
          602  +** its link to a shallow copy and by marking any current shallow
          603  +** copies of this cell as invalid.
          604  +**
          605  +** This is used for testing and debugging only - to make sure shallow
          606  +** copies are not misused.
          607  +*/
          608  +void sqlite3VdbeMemPrepareToChange(Vdbe *pVdbe, Mem *pMem){
          609  +  int i;
          610  +  Mem *pX;
          611  +  for(i=1, pX=&pVdbe->aMem[1]; i<=pVdbe->nMem; i++, pX++){
          612  +    if( pX->pScopyFrom==pMem ){
          613  +      pX->flags |= MEM_Invalid;
          614  +      pX->pScopyFrom = 0;
          615  +    }
          616  +  }
          617  +  pMem->pScopyFrom = 0;
          618  +}
          619  +#endif /* SQLITE_DEBUG */
          620  +
   596    621   /*
   597    622   ** Size of struct Mem not including the Mem.zMalloc member.
   598    623   */
   599    624   #define MEMCELLSIZE (size_t)(&(((Mem *)0)->zMalloc))
   600    625   
   601    626   /*
   602    627   ** Make an shallow copy of pFrom into pTo.  Prior contents of

Added test/tkt-b351d95f9.test.

            1  +# 2010 September 28
            2  +#
            3  +# The author disclaims copyright to this source code.  In place of
            4  +# a legal notice, here is a blessing:
            5  +#
            6  +#    May you do good and not evil.
            7  +#    May you find forgiveness for yourself and forgive others.
            8  +#    May you share freely, never taking more than you give.
            9  +#
           10  +#***********************************************************************
           11  +# This file implements regression tests for SQLite library. Specifically,
           12  +# it tests that ticket [b351d95f9cd5ef17e9d9dbae18f5ca8611190001] has been
           13  +# resolved.
           14  +#
           15  +
           16  +set testdir [file dirname $argv0]
           17  +source $testdir/tester.tcl
           18  +source $testdir/lock_common.tcl
           19  +source $testdir/malloc_common.tcl
           20  +
           21  +do_test tkt-b351d95.1 {
           22  +  execsql {
           23  +    CREATE table t1(a,b);
           24  +    INSERT INTO t1 VALUES('name1','This is a test');
           25  +    INSERT INTO t1 VALUES('name2','xyz');
           26  +    CREATE TABLE t2(x,y);
           27  +    INSERT INTO t2 SELECT a, CASE b WHEN 'xyz' THEN null ELSE b END FROM t1;
           28  +    SELECT x, y FROM t2 ORDER BY x;
           29  +  }
           30  +} {name1 {This is a test} name2 {}}
           31  +
           32  +do_test tkt-b351d95.2 {
           33  +  execsql {
           34  +    DELETE FROM t2;
           35  +    INSERT INTO t2 SELECT a, coalesce(b,a) FROM t1;
           36  +    SELECT x, y FROM t2 ORDER BY x;
           37  +  }
           38  +} {name1 {This is a test} name2 xyz}
           39  +do_test tkt-b351d95.3 {
           40  +  execsql {
           41  +    DELETE FROM t2;
           42  +    INSERT INTO t2 SELECT a, coalesce(b,a) FROM t1;
           43  +    SELECT x, y BETWEEN 'xy' AND 'xz' FROM t2 ORDER BY x;
           44  +  }
           45  +} {name1 0 name2 1}
           46  +
           47  +finish_test